Hacker News new | ask | show | jobs
by ecesena 1884 days ago
I'm getting CORS issues when I try to submit a project (Chrome, Safari).

> Access to XMLHttpRequest at 'https://api.make.rs/projects/' from origin 'https://make.rs' has been blocked by CORS policy: No 'Access-Control-Allow-Origin' header is present on the requested resource.
3 comments
agucova 1884 days ago
I'm getting this same problem while trying to set my profile at the welcome screen (or by going to settings). This is on Firefox Developer Edition.

I then manually disabled CORS (I overrode it with an extension), and noticed it was failing again, but this time with an HTTP 413 to the API endpoint. I changed my image to something smaller (it was 3 MB), and it worked.

link
MucuMare 1884 days ago
Thanks a lot for these details, it is very helpful. I'll deploy a fix later today to address this problem (cors errors for large images)
link
MucuMare 1884 days ago
This is weird, you are the second one who reports this today. I really wonder what's wrong as it works for the rest, and the CORS is configured correctly IMO (but seems it's not?). Sorry :/
link
DrOctagon 1884 days ago
I had a similar issue once with an app hosted on Azure. Large images were triggering the WAF sometimes as a ‘chunk’ of the image would falsely match a default firewall rule.

The CORS error was because the ‘request blocked’ response was a html page without cross origin headers.

Worth checking for that

link
dalmo3 1883 days ago
Yes, I've seen this same issue with AWS lambdas. Browser reports CORS errors but sending the same request with Postman returns HTTP500, which made me realise it was a malformed request.
link
MucuMare 1884 days ago
Very interesting, thanks for the pointer, much appreciated. I was suspecting it has to do with uploading large images but your comment made it clear where to look at now.
link
ecesena 1884 days ago
Do you have multiple API instances by chance? Maybe one remained with "old" code?
link
MucuMare 1884 days ago
Only one which is deleted everytime I deploy a new version. This one stresses me a lot at the moment so I need to figure out what causes it and then fix it haha.
link
MucuMare 1884 days ago
Fixed - Thank you all who gave me good pointers at what to look at.
link
ecesena 1882 days ago
Confirmed working now
link